Application Security and Control in the Age of Advanced Malware

Protecting a network from threats has continued to become more complex, as a fundamental change has occurred in how users and their devices interact with the network and applications. From the explosion of mobile devices and mobile apps (including BYOD and BYOA) to the growth in unmanaged cloud-based repositories of confidential data such as Dropbox and Google Docs, the data on your network is significantly different from what it was only a few years ago.
One critical aspect of application security is the ability to ensure that the applications and data in your network are not conduits for advanced malware that seek to compromise your systems and harvest your data. The webinar will discus application security and how it relates to controlling malware at each stage of an attack:
- Evasion
- Compromise
- Data exfiltration

Take a deep dive into trends such as questionable applications and botnets, exploit activity and when cybercriminals are most active. We'll discuss the correlation between infrastructure and infestation, detail exploit and ransomworm activity, and give recommendations on how to best prepare for the next attack.

In this webcast, Derek Manky, Global Security Strategist, highlights the main findings from the FortiGuard Threat Landscape Report and discusses their implication for Enterprise Security Leaders.

This report identifies the threats and trends IT security professionals, from CISO to Security Operations, should be most prepared to address. It draws from the FortiGuard Labs’ vast array of network devices and sensors within production devices, comprising billions of events and incidents observed in live production environments around the world between January 1 and March 31, 2017.

As the most recent outbreak of ransomware has proven once again, a debilitating attack can come from anywhere, with any sort of malware, and have a global impact. While headlines and marketing statements constantly shout “Zero Day”, even old malware can be used effectively to wreak havoc in a network if it’s not properly configured and up to date.

The threat landscape never stops evolving and neither should an enterprise’s cyber security strategy. New products, new features and efficient source of threat intelligence are just some of the tools that an enterprise should look for from their security vendors.

This session will look at the evolution of Advanced Threat Protection and how continuous development across the full range of technologies is crucial to maintaining security efficacy.

Has the world of IoT taken over your world? As yet another technology is being embraced for all of the wonderful things that it can do, the not so nice side of IoT is either being ignored or not understood by consumers and enterprises alike.

In some ways IoT is nothing new, computers and mobile devices such as phones and tablets have been connecting to enterprise and carrier networks for years. But as whole new categories of devices are being recreated and connected, we see enterprises struggling with how to master and control this modern and high tech Hydra.

This session will focus on the challenge of securing IoT devices in the enterprise network and will identify three key issues that enterprises need to be aware of in order to securely leverage the potential advantages of IoT.

IoT networks grow by the day - prompting sleepless nights from security professionals the world over. As more and more devices join the network, how can we ensure that they're not becoming the latest weak link in the network?

This expert panel will look at vulnerabilities in the IoT, those that are more obvious and those that perhaps aren't. It'll also cover the latest threats targeting IoT networks; the mechanisms and techniques that are being used and how to stop them.

The IoT will be critical to business and consumer life from hospitals to connected cars to factory floors. Security and privacy remain key concerns and this panel will break down what the explosion of IoT networks will mean for security professionals.

GDPR and its May 2018 deadline are now fully the minds of the vast majority of security professionals and with massive fines on the horizon for non-compliance, now is a better time than ever to get to grips with the legislation and ensure that your organisation is secure and compliant.

Join this live interactive panel where our selection of industry experts will be discussing the ins and outs of the regulations; how to prepare, steps to take and what to look out for.

It’s vital that your business has carried out the relevant preparations for compliance by then to make sure you don’t get whacked with a huge fine of up to £15m or 4% of your organisation’s global annual turnover.

Not only are there potentially huge financial repercussions, but leaving your business open to attack and your customers at risk can cause serious reputational damage.

This expert panel will be discussing next steps to make sure that the next 12 months are as pain free as possible.

The clock is ticking on the General Data Protection Regulation (GDPR) coming into effect and while there isn’t wide scale panic yet, lots of organizations are either 1) in denial or 2) just coming to grips with its implications.

The difficulty with GDPR is that the regulation states the “WHAT” but pretty much is silent on the “HOW”. The overwhelming majority of the regulation deals with process, procedure and is it really necessary to collect the data and stresses the rights of the data subject. How to protect the data, in movement and in rest, is left to individual organizations to decide except for the vague mention of “continuous risk assessment” and “state of the art”.

Another major change from the existing national regulations, which were enacted during the mid to late 1990s, GDPR takes into account the massive change in how technology plays in everyday. To protect the data subject, the punitive aspect of non-compliance is significant with penalties of €20M or 4% of annual turnover, whichever is GREATER.

So in this confusing and changing environment, where do cyber security technologies come into play?

This session will focus on the role of the underlying network in any organization’s GDPR compliance efforts and how to take advantage of certain aspects of GDPR to avoid the substantial penalties associated with the regulation.

WannaCry has made a statement, impacting more than 300,000 victims across more than 150 countries.

Join us to learn how threats like ransomware can become so widespread so quickly, the impact that not being prepared and protected can have on your business, and how to ensure you are well positioned to avoid the IT chaos future threats may pose.

Using Authentication and Identity Management to Secure a Financial Network:
The Door is Still Open and the Horse is Almost out of the Barn

Carbanak. JP Morgan/Chase. Dyre Wolf. Bank of America. Bangladesh. Tesco Bank. This roll call should be proof enough of the attractiveness of the FSI to the hacker/cyber criminal community. While not all of them can be associated with Authentication and Identity Management issues, it’s undeniable that they have played a prominent role.

An increased focus on authentication and identity management is a right step forward but just confirming a user’s identify is only half the task. With the concept of Zero Trust gaining momentum, authentication and identification must be reinforced by the network itself through policy based access and segmentation.

This session will look back at some of the data breaches that have been attributed to weak authentication methods and how they might have been prevented. At the same time, the concept of internal network segmentation will be presented to show how both halves of the equation need to be brought together to effectively close off this common attack vector.

Locks, barriers and traps will eventually be broken and overcome. The enterprise security infrastructure must continuously evolve in order to continue to protect the enterprise’s assets and provide mitigation in case of a breach.

Security operations tools can play a critical role in maintaining the enterprise security posture through internal and external evolution.

During this presentation, we will explore the role of SIEM as an enabler and how FortiSIEM can be a catalyst for a more efficient, effective and complete cybersecurity infrastructure.

Digital Transformation, alongside European and country specific initiatives, liberalisation and competitive pressures, is transforming utilities, factories and critical infrastructure and their Operational Technology.

With emphasis on Cyber Physical Systems, design-Customer-Supply chain collaboration, mobility and the cloud as the core enablers of his transformation, OT security must evolve to meet today’s cyber security challenges.

This session will provide a high level view of these changes, the security challenges they present, and the security solutions which must be put in place to ensure a secured industrial transformation.

Software is eating the world – driving digital transformation and changing the way businesses do business. Cloud is a core enabler in every enterprise’s digital transformation voyage - facilitating innovation, agility and cost efficiency.

But harnessing the power of the cloud creates a multi-dimensional environment where applications, data and information are borderless and yet, regardless of their changing location and existence, must be protected and secured as part of the enterprise overall security strategy and posture.

This session will provide an overview of the unique security challenges in a multi-dimensional cloud environment, and the solution framework required for empowering and securing digital transformation.

We all know that technology plays a role in our everyday life but do you know the extent of that role? Advertising tells us to spend more and more of our life online and embrace technology in our homes, cars and everywhere else a microchip can be placed.

But nowhere is there a message about the consequences of the misuse of that technology. 2016 has seen a rise in the number of incidents involving ransomware, IoT, and simply well intentioned connectivity gone wrong. That momentum is set to continue into 2017 and beyond.

Although past performance does not guarantee future results, this session will focus on what we have seen this year and what we expect to see in the near future.

The firewall wars have caused nothing but confusion in the market. Lines have been drawn between UTM and NGFW; are they different or are they the same thing? Unfortunately that confusion has led to introducing complexity and vulnerability in enterprise networks. There is a better way. Rather than fighting through a sea of acronyms, focus on what’s really important - How can I simplify my security infrastructure and improve my ability to fight off advanced attacks, no matter where they occur in the network?

This session will present a new way of thinking about firewalls, one without the confusion, acronyms and complexity.

Data center transformation with server and network virtualization are leading to agile IT environments that accelerate business initiatives and deliver more responsive applications.

How can security itself be made more elastic and agile in Software-Defined Data Centers?

A vision for Software-Defined Security is introduced, and a three-part framework will outline how network security is evolving across all layers of the network architecture, from the data plane to the control plane to the management plane.

During the past 15 years, access layer solutions have evolved, especially in terms wireless connectivity.

Today's wireless connectivity has multiple approaches, each better meeting the specific requirements of organisations through a choice of different architectures. Whether its a refresh, redeployment, change of application or a brand new site, there are a lot of options.

During this webinar we’ll examine different approaches and how to apply them to different verticals or deployment scenarios. As wireless connectivity continues to evolve, we will also look to the future and see how trends in new hardware can provide cutting edge solutions to meet the potential needs of tomorrow's organisations.

The presentation will end with an overview of Fortinet's Secure Access Architecture and how it can meet today's and tomorrow's wireless requirements.

More and more solutions are crowding into the market but data breaches are still happening and there’s no end in sight. Is an over reliance of technology creating a false sense of “everything’s okay”? This session will focus on the three key aspects of comprehensive advanced threat protection; technology, awareness and in particular the role of threat intelligence.

IoT is everywhere these days and like most new and shiny things our attention is focused on its coolness factor.

However, behind that pleasing and shining exterior lurks a potentially devastating menace. In the rush to bring product to market, very few if any manufacturers are security conscious, and as more and more of these products are deployed in the enterprise, the risk of a successful network breach increases exponentially.

This session will focus on the potential dangers with IoT and look at the question of how and why IoT security is different from traditional IT security.

Fortinet is a global leader and innovator in Network Security. Our mission is to deliver the most innovative, highest performing network security platform to secure and simplify your IT infrastructure.

We are a provider of network security appliances and security subscription services for carriers, data centers, enterprises, distributed offices and MSSPs. Because of constant innovation of our custom ASICs, hardware systems, network software, management capabilities and security research, we have a large, rapidly growing and highly satisfied customer base, including the majority of the Fortune Global 100, and we continue to set the pace in the Network Security market.

Our market position and solution effectiveness has been widely validated by industry analysts, independent testing labs, business organizations, and the media worldwide. Our broad product line of complementary solutions goes beyond Network Security to help secure the extended enterprise.